Exploding the Enterprise: Summary

As I've considered the topic of the panel, Exploding the
Enterprise and discussed it with the panelists, we've decided that
the description in the Supernova program is sufficiently vague to
allow at least two interpretations:

Exploding the Enterprise in an internal sense. That is, allowing
teams, groups and organizations to function effectively regardless
of distance.

Exploding the Enterprise in the external sense. That is, creating
opportunities
for more and more of the business to be performed by service
bureaus and even independent contractors.

The first is the domain of network communications, groupware,
IM, and presence. The second is the domain of Web services,
identity management, and transactions. The first is about
cross-functional and interdepartmental cooperation and is long-term
and fluid. The second is generally more focused by the specific
tasks being performed (e.g. payroll), well-defined, and for a fixed-term.

I attended a MIT continuing education course 4 or 5 years ago
where someone (wish I could remember who) presented research that
showed that group interaction dropped in half when participants
were separated by more than 400 feet (yes, feet!). And that's on
the same floor. Don't even talk about stairs. This seems to present
a huge barrier for the exploded enterprise. Perhaps the more
limited, transactionally oriented, focused interactions common with
external relationships overcomes this.

The external sense of "Exploding the Enterprise" seems more in
line with the expertise of the members of the panel and I think
that's where we will spend most of the time, but there's also some
interesting discussion that can take place at the intersection of
these two areas.

For example, I was part of an organization, state government,
that in many ways could be considered dysfunctionally organized,
but is probably not all that unusual among large organizations.
There were many different divisions with their own goals and budgets and
they were only
loosely connected. As CIO, I saw Web services and identity
management as great tools to create cooperative ventures among the
loosely coupled divisions.

In this scenario, we could view the external, highly focused
interactions of an organizations and the many external service
bureaus and contractors as just a leading indicator of the kind of
relationships that might exist in internal situations as
organizations become more loosely coupled. Put another way, are
technologies like presence, Web services, identity management, P2P
document management and so on enabling a new kind of loosely
coupled, decentralized organization that's still able to
cooperatively achieve larger goals?

Here are some possible discussion points for the panel:

Phil Becker and others, like the Jerico Forum,
have talked
about the "deperimeterization" of the enterprise. That seems an apt
description of what we're talking about. This is being brought
about by things as important as the need to work more closely with
trading partners and even customers and as mundane as regular folks
installing Wi-Fi in their homes and then logging onto the corporate
network through a VPN. The exploding enterprise has significant
ramifications for our traditional notions of computer and network
security.

Any enterprise is no longer a single organization, but a
federation of many organizations. The organizations in the
federation do not report to a common manager or even share a common
long-term goal. They are federated by contracts and connected by
networks.

Enterprise applications are no longer homogeneous. There is no
common IT infrastructure and no hope to ever build one. For
example, you need to talk to the company that does your payroll,
but you're not big enough to force any kind of architectural
decisions on them.

You have a varying ability to influence how partners operate. This
goes beyond the common IT infrastructure decisions I was talking
about in the last bullet--you may not even be able to get them to
adhere to your corporate document naming standards, for
example.

For the most part, your partner organizations don't want to let you
all the way inside their systems and you don't want to let them all
the way inside yours. The interaction is at well-defined
(hopefully) interfaces.

The reality of modern organizations is that there is not and
never will be a shared infrastructure for identity, computing,
document management or anything else. The solution has to be
decentralized to work.

The ROI on provisioning contractors and part-time service
providers, what we'll call "non-persistent employees" is lower than
with a direct employee. IT systems have to be architected to reduce
the amount of effort required for employee provisioning to make
this model effective. Otherwise, it can eat the infrastructure
budget alive.

Much of the focus in this area has been in federating identity
with the idea that once we have federated identity we can manage
the access control issues of this exploded enterprise. There is a
third way, however and that is to use accountability for those
resources that its appropriate for. Dan Geer says that
"accountability is a log processing problem." For accountability to
work in managing resources in the exploded enterprise, you don't
need federated identity, just some identity (like an email
address).

We're inclined to associate presence with IM since that's where
its used most pervasively, but presence messages could be separated
from the IM application and deployed as a general-purpose
infrastructure that's usable by many apps, including IM. In this
scenario, presence messages would flow between machines over an
enterprise messaging infrastructure. These presence messages would
be generated by an IM client, but by just about any application,
such as your calendar or word processing program.